Firefox Security Vulnerabilities and Microsoft

It was recently disclosed that Firefox has critical security vulnerabilities:

The flaw is specific to Firefox's implementation of JavaScript, a 10-year-old scripting language widely used on the Web. In particular, various programming tricks can cause a stack overflow error, Spiegelmock said. The implementation is a "complete mess," he said. "It is impossible to patch."

[...]

The hackers claim they know of about 30 unpatched Firefox flaws. They don't plan to disclose them, instead holding onto the bugs.

Impossible to patch? The hackers won't disclose the bugs?

A follow-up article sheds some interesting light on the subject:

But Spiegelmock has now backpedaled on those claims. In a statement provided to Mozilla, which coordinates development of Firefox, Spiegelmock said that the computer code displayed during the presentation does not fully compromise a PC running the browser.

"I have not succeeded in making this code do anything more than cause a crash and eat up system resources, and I certainly haven't used it to take over anyone else's computer and execute arbitrary code," he wrote in the statement, which was posted on Mozilla's Web site on Monday.

[...]

He pinned the claim that the hackers know of 30 yet-to-be-fixed flaws in Firefox entirely on his co-presenter, Wbeelsoi. "I have no undisclosed Firefox vulnerabilities. The person who was speaking with me made this claim, and I honestly have no idea if he has them or not," Spiegelmock wrote. Wbeelsoi could not immediately be reached for comment.

As mentioned in comp.os.linux.advocacy, it should be noted that the conference where these dubious claims were made was sponsored by Microsoft:

Official sponsors of Toorcon included Microsoft

Coincidence?
